package com.common;

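/**
 * Deny-list scrubber that strips SQL keywords and metacharacters from a string.
 *
 * <p><b>Security note:</b> this class must not be the only barrier between
 * untrusted input and a SQL statement. Deny-list filtering depends on the list
 * being complete for every dialect and encoding the database accepts, which
 * cannot be guaranteed. Bind untrusted values with
 * {@link java.sql.PreparedStatement} placeholders and treat this scrubber, at
 * most, as defence in depth.
 *
 * <p>The scrubbing is lossy for legitimate data: the input is lower-cased, any
 * listed token is removed even inside an ordinary word, and once a token has
 * matched, every space in the string is removed as well.
 */
public class Sql_changes {
    /** Deny-list tokens, separated by the at sign; split once into {@link #INJ_TOKENS}. */
    private static final String inj_str = "'@and@exec@insert@select@delete@update@count@*@%@chr@mid@master@truncate@char@declare@;@or@lock table@grant@drop@-@+@where@order@=@from@order@count@as@|@dual@sys@root@.@dbms@_@table@index@expt@\"@ascii@,";

    /** Tokens parsed once instead of on every call. */
    private static final String[] INJ_TOKENS = inj_str.split("@");

    /**
     * Removes every occurrence of {@code restr} from {@code str}, then removes
     * all spaces from the result.
     *
     * @param str   text to scrub
     * @param restr literal token to delete
     * @return {@code str} without {@code restr} and without spaces
     */
    private static String strReplace(String str, String restr) {
        return str.replace(restr, "").replace(" ", "");
    }

    /**
     * Maps {@code null} to the empty string.
     *
     * @param str possibly-null input
     * @return {@code str}, or {@code ""} when {@code str} is {@code null}
     */
    private static String dealNull(String str) {
        return str == null ? "" : str;
    }

    /**
     * Lower-cases {@code str} and strips every deny-listed token from it.
     *
     * <p>Passes over the token list are repeated until the text stops changing.
     * A single pass is not enough: deleting a token from the middle of the
     * string can join the characters on either side into a token that was
     * already checked, so one pass could return text that still contains a
     * deny-listed word.
     *
     * <p>The result is still not safe to concatenate into SQL; see the class
     * documentation.
     *
     * @param str untrusted text, may be {@code null}
     * @return the lower-cased text with all deny-listed tokens removed;
     *         {@code ""} for {@code null} input
     */
    public static String sql_Infusion(String str) {
        // Locale.ROOT keeps the case mapping independent of the JVM default
        // locale; a locale-sensitive mapping (e.g. Turkish dotless i) would let
        // upper-case keywords fail to match the lower-case token list.
        String current = dealNull(str).toLowerCase(java.util.Locale.ROOT);
        String previous;
        do {
            previous = current;
            for (String token : INJ_TOKENS) {
                if (current.contains(token)) {
                    current = strReplace(current, token);
                }
            }
            // Each removal shortens the string, so this loop always terminates.
        } while (!current.equals(previous));
        return current;
    }
}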
